CVE-2024-0244: Buffer Overflow
First published: Tue Feb 06 2024(Updated: )
Buffer overflow in CPCA PCFAX number process of Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code.*:Satera MF750C Series firmware v03.07 and earlier sold in Japan. Color imageCLASS MF750C Series/Color imageCLASS X MF1333C firmware v03.07 and earlier sold in US. i-SENSYS MF754Cdw/C1333iF firmware v03.07 and earlier sold in Europe.
Credit: f98c90f0-e9bd-4fa7-911b-51993f3571fd
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Canon i-SENSYS MF754Cdw | <=03.07 | |
| Canon i-SENSYS MF754Cdw Firmware | ||
| All of | ||
| Canon i-SENSYS X C1333iF | <=03.07 | |
| Canon i-SENSYS X C1333iF firmware | ||
| All of | ||
| Canon MF755Cdw Firmware | <=03.07 | |
| Canon MF755Cdw Firmware | ||
| All of | ||
| Canon MF753Cdw Firmware | <=03.07 | |
| Canon MF753Cdw Firmware | ||
| All of | ||
| Canon MF751CDW Firmware | <=03.07 | |
| Canon MF751CDW Firmware | ||
| All of | ||
| Canon MF1333C Firmware | <=03.07 | |
| Canon MF1333C Firmware | ||
| All of | ||
| Canon LBP1333C Firmware | <=03.07 | |
| Canon LBP1333C Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://psirt.canon/advisory-information/cp2024-001/
- https://canon.jp/support/support-info/240205vulnerability-response
- https://www.usa.canon.com/support/canon-product-advisories/Service-Notice-Regarding-Vulnerability-Measure-Against-Buffer-Overflow-for-Laser-Printers-and-Small-Office-Multifunctional-Printers
- https://www.canon-europe.com/support/product-security-latest-news/
Frequently Asked Questions
What is the severity of CVE-2024-0244?
CVE-2024-0244 is considered a high severity vulnerability due to the potential for arbitrary code execution.
How do I fix CVE-2024-0244?
To fix CVE-2024-0244, update the firmware of affected Canon printers to the latest version beyond 03.07.
What products are affected by CVE-2024-0244?
CVE-2024-0244 affects multiple Canon multifunction and laser printers, specifically those with firmware version 03.07 or earlier.
What type of attack can CVE-2024-0244 enable?
CVE-2024-0244 can enable attackers to trigger a buffer overflow that makes the affected printer unresponsive or allows arbitrary code execution.
Is there any workaround for CVE-2024-0244?
Currently, the best workaround for CVE-2024-0244 is to ensure that the vulnerable printers are not exposed to unnecessary network access.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/canon
- canonical/canon i-sensys mf754cdw
- version/canon i-sensys mf754cdw/03.07
- canonical/canon i-sensys mf754cdw firmware
- canonical/canon i-sensys x c1333if
- version/canon i-sensys x c1333if/03.07
- canonical/canon i-sensys x c1333if firmware
- canonical/canon mf755cdw firmware
- version/canon mf755cdw firmware/03.07
- canonical/canon mf753cdw firmware
- version/canon mf753cdw firmware/03.07
- canonical/canon mf751cdw firmware
- version/canon mf751cdw firmware/03.07
- canonical/canon mf1333c firmware
- version/canon mf1333c firmware/03.07
- canonical/canon lbp1333c firmware
- version/canon lbp1333c firmware/03.07